On Wed, 15 Oct 2003 12:31:37 +0200 (CEST)
Tomasz Kojm <[EMAIL PROTECTED]> wrote:
Please don't use 0.60, download CVS version (snapshots
available at
http://clamav.sf.net/snapshot).
Being in this list for some time I could see the answer
for most segfaults or compile problem was "please use
lat
Raymond Norton wrote:
I am trying to see how this is a benefit to run over sophos. It seems we
still need to either delete, or disinfect the file, so I would need another
program to do this.
Even Sophos can't disinfect ALL virus. In my oppinion, deleting (or
quarantining) is the best option for
I thought --daemon-notify was like a force-reload, and clamd reloads
its database as-needed anyway everytime it verifies the database?
ODHIAMBO Washington wrote:
* Rodrigo Severo <[EMAIL PROTECTED]> [20030609 10:45]: wrote:
I thought freshclam did clamd RELOAD the virus database u
Yup, I got that message too.
However, my freshclam (ClamAV version 20030522) simply switches to next
mirror. Update successfull.
Anybody knows what's causing this?
Sohail wrote:
Hi all,
I am getting the following errors when i am trying to update my virus
definitions after installing the cla
Great document, but
"you should have received ssh-keys and/or ftp passwords"
Is this for the signature-update members only?
I don't recall any passwords sent in this list (it shouldn't anyway).
So basically others users still send virus samples to
[EMAIL PROTECTED], right?
Tomasz Kojm wrote:
I sent it to [EMAIL PROTECTED]
You could also see it here :
http://antispam.or.id/fortnight.eml
Diego d'Ambra wrote:
Could you drop me a mail sample - I will then take a look at it. Please
upload the sample to a web-site to prevent other scanners from stopping
your mail.
Best regards,
Diego d'A
I'm using exim+exiscan-acl+clamav, with demime on, which would feed Clam
with a directory containing orignal mail, decoded message (I think), and
all attachments.
Could it be that different FortNight variants connects to different
URLS? That would make the pattern different too, right?
Diego d'
Nope. Email still gets thru. Database was updated. Sent sample to
[EMAIL PROTECTED]
bash-2.03# grep -i fortnight viruses.db
Exploit.FortNight
(Clam)=3c4449563e3c494652414d45207372633d334422687474703a2f2f772e70726f73746f6c2e636f6d2f6d2e68746d6c222077696474683d3344303d3230
JS.FortNight.E
(Cla
Hi,
I know clamav supposed to know FortNight
(http://www.sarc.com/avcenter/cgi-bin/virauto.cgi?vid=27893) virus already :
bash-2.03# cat viruses.db|grep -i fortnight
Exploit.FortNight
(Clam)=3c4449563e3c494652414d45207372633d334422687474703a2f2f772e70726f73746f6c2e636f6d2f6d2e68746d6c222077
I suggest you use the newest snapshot, since 0.54 crashed more often (on
my installation, that is).
If you use the new exiscan-acl with clamd support, you could probably
just use these in exim config (modify to fit your configuration):
#[main config section]
av_scanner = clamd:/tmp/clamd
#[acl
Sorry about that. It was an old virus, I don't keep the original mail
anymore. I just keep the attachment.
Anyway,
I'm currently implementing exim 4.20 - exiscan-acl - clamav 20030522 in
7 MTAs.
Most are fine (I set exim's maximum connection to 384).
Two of them, because of the heavy traffic, h
Or you could just use this script. I modify it from exims' exicyclog.
Just put it in the crontab.
My log is stored as /var/spool/exim/log/clamd.log
You probably need to tidy it up a little
#! /bin/sh
keep=10
compress=/usr/bin/gzip
suffix=gz
chown=/usr/bin/chown
chgrp=/usr/bin/chgrp
mv=/bin/m
Hi,
I'm attaching a zip file (password : "virus") containing a virus
attachment (joke.exe) which clamav missed during scanning.
I believe the virus is "Snow White" or "WORM_LOVGATE.B"
Strangely enough, Yahoo's Symantec scanner seemed to miss it too.
virus.zip
Description: Zip compressed data
-
I use httpd-2.0.44 on Solaris 8+gcc 3.2.2, it compiles and works fine.
I haven't tested the security, but so far it has not been hacked yet :)
I wonder if using apache as proxy server is a fast solution though. I
have used it with apache 1.3 iand it is VEEERY SLOW compared to Squid.
Piotr Kas
Ah ... perhaps that explains why my system is still working well. I
don't use ScanMail :)
Andreas Schmitz wrote:
After I have tested a little bit with it, I discovered that the memory
leak is on my system only when I have enabled ScanMail in clamav.conf
and clamd scans a .mbox file.
NO ...
What is the problem anyway? Memory leak? Crash?
I've been using it for 3 days now on Solaris and it seems to work fine.
MUCH better than the previous or stable snapshot :(
ODHIAMBO Washington wrote:
* Tomasz Kojm <[EMAIL PROTECTED]> [20030430 17:39]: wrote:
Hi!
What? you downgraded? I upgraded because clamav-0.54 and
clamav-20030403 sometimes just dies, and I get
2003-04-29 00:10:06 19AC8F-0006zQ-00 temporarily rejected by exiscan():
Temporary local problem (unable to connect to clamd UNIX socket
(/tmp/clamd). errno=146).
I even have an auto-restar
Hi,
I'm using exim-exiscan-clamav combination on a Solaris 8 box running as
MTA that handles about 10 mail daily.
Sometimes clamd just stops for unknown reason. The process is simply
gone, and then exiscan would complain "could not connect to clamd socket".
Yesterday I updated clamav from cl
18 matches
Mail list logo
